diff options
| author |   Christian Ruppert <idl0r@gentoo.org> | 2015-09-11 14:02:15 +0200 |
|---|---|---|
| committer | Christian Ruppert <idl0r@gentoo.org> | 2015-09-11 14:02:15 +0200 |
| commit | be0849ea2a1695a95b521a00318cfba364777ee9 (patch) | |
| tree | 5255fc2818d84ddbd7dc92fbafc83d1b435da8f2 | |
| parent | Merge tag 'release-5.0' into bugstest (diff) | |
| parent | Bumped version to 5.0.1 (diff) | |
| download | bugzilla-be0849ea2a1695a95b521a00318cfba364777ee9.tar.gz bugzilla-be0849ea2a1695a95b521a00318cfba364777ee9.tar.bz2 bugzilla-be0849ea2a1695a95b521a00318cfba364777ee9.zip | |
Merge tag 'release-5.0.1' into bugstest
46 files changed, 310 insertions, 186 deletions
diff --git a/Bugzilla/Auth/Verify.pm b/Bugzilla/Auth/Verify.pm index e44fb06ae..9dc83273b 100644 --- a/Bugzilla/Auth/Verify.pm +++ b/Bugzilla/Auth/Verify.pm @@ -106,21 +106,24 @@ sub create_or_update_user { my $user = new Bugzilla::User($user_id); - # Now that we have a valid User, we need to see if any data has to be - # updated. + # Now that we have a valid User, we need to see if any data has to be updated. + my $changed = 0; + if ($username && lc($user->login) ne lc($username)) { validate_email_syntax($username) || return { failure => AUTH_ERROR, error => 'auth_invalid_email', details => {addr => $username} }; $user->set_login($username); + $changed = 1; } if ($real_name && $user->name ne $real_name) { # $real_name is more than likely tainted, but we only use it # in a placeholder and we never use it after this. trick_taint($real_name); $user->set_name($real_name); + $changed = 1; } - $user->update(); + $user->update() if $changed; return { user => $user }; } diff --git a/Bugzilla/Bug.pm b/Bugzilla/Bug.pm index bfc2fe0d9..34bf95ff7 100644 --- a/Bugzilla/Bug.pm +++ b/Bugzilla/Bug.pm @@ -533,7 +533,7 @@ sub _preload_referenced_bugs { my $referenced_bugs = Bugzilla::Bug->new_from_list(\@ref_bug_ids); $_->object_cache_set() foreach @$referenced_bugs; - return $referenced_bug_ids + return $referenced_bug_ids; } # Extract bug IDs mentioned in comments. This is much faster than calling quoteUrls(). @@ -566,6 +566,8 @@ sub _extract_bug_ids { # Old duplicate markers push @bug_ids, $text =~ /(?<=^\*\*\*\ This\ bug\ has\ been\ marked\ as\ a\ duplicate\ of\ )(\d+)(?=\ \*\*\*\Z)/; } + # Make sure to filter invalid bug IDs. + @bug_ids = grep { $_ < MAX_INT_32 } @bug_ids; return [uniq @bug_ids]; } @@ -2257,7 +2259,7 @@ sub _check_integer_field { ThrowUserError("number_not_integer", {field => $field, num => $orig_value}); } - elsif ($value > MAX_INT_32) { + elsif (abs($value) > MAX_INT_32) { ThrowUserError("number_too_large", {field => $field, num => $orig_value, max_num => MAX_INT_32}); } diff --git a/Bugzilla/Config.pm b/Bugzilla/Config.pm index 1e22b5239..b4ff803bd 100644 --- a/Bugzilla/Config.pm +++ b/Bugzilla/Config.pm @@ -266,27 +266,6 @@ sub update_params { $op_file->close; } - if (ON_WINDOWS && !-e SENDMAIL_EXE - && $param->{'mail_delivery_method'} eq 'Sendmail') - { - my $smtp = $answer->{'SMTP_SERVER'}; - if (!$smtp) { - print "\nBugzilla requires an SMTP server to function on", - " Windows.\nPlease enter your SMTP server's hostname: "; - $smtp = <STDIN>; - chomp $smtp; - if ($smtp) { - $param->{'smtpserver'} = $smtp; - } - else { - print "\nWarning: No SMTP Server provided, defaulting to", - " localhost\n"; - } - } - - $param->{'mail_delivery_method'} = 'SMTP'; - } - write_params($param); if (-e $old_file) { diff --git a/Bugzilla/Config/Common.pm b/Bugzilla/Config/Common.pm index 414894773..e8dfe3e9d 100644 --- a/Bugzilla/Config/Common.pm +++ b/Bugzilla/Config/Common.pm @@ -249,8 +249,8 @@ sub check_font_file { $font = trim($font); return '' unless $font; - if ($font !~ /\.ttf$/) { - return "The file must point to a TrueType font file (its extension must be .ttf)" + if ($font !~ /\.(ttf|otf)$/) { + return "The file must point to a TrueType or OpenType font file (its extension must be .ttf or .otf)" } if (! -f $font) { return "The file '$font' cannot be found. Make sure you typed the full path to the file" @@ -299,7 +299,7 @@ sub check_mail_delivery_method { my $check = check_multi(@_); return $check if $check; my $mailer = shift; - if ($mailer eq 'sendmail' and ON_WINDOWS) { + if ($mailer eq 'Sendmail' and ON_WINDOWS) { # look for sendmail.exe return "Failed to locate " . SENDMAIL_EXE unless -e SENDMAIL_EXE; @@ -346,6 +346,8 @@ sub check_smtp_server { my $host = shift; my $port; + return '' unless $host; + if ($host =~ /:/) { ($host, $port) = split(/:/, $host, 2); unless ($port && detaint_natural($port)) { diff --git a/Bugzilla/Constants.pm b/Bugzilla/Constants.pm index 42b208aeb..0a8295eb6 100644 --- a/Bugzilla/Constants.pm +++ b/Bugzilla/Constants.pm @@ -200,7 +200,7 @@ use Memoize; # CONSTANTS # # Bugzilla version -use constant BUGZILLA_VERSION => "5.0"; +use constant BUGZILLA_VERSION => "5.0.1"; # A base link to the current REST Documentation. We place it here # as it will need to be updated to whatever the current release is. diff --git a/Bugzilla/DB.pm b/Bugzilla/DB.pm index c9eaf6e9e..6c9a29ebb 100644 --- a/Bugzilla/DB.pm +++ b/Bugzilla/DB.pm @@ -1510,7 +1510,7 @@ __END__ =head1 NAME -Bugzilla::DB - Database access routines, using L<DBI> +Bugzilla::DB - Database access routines, using L<DBI|https://metacpan.org/pod/DBI> =head1 SYNOPSIS @@ -1771,7 +1771,7 @@ The constructor should create a DSN from the parameters provided and then call C<db_new()> method of its super class to create a new class instance. See L<db_new> description in this module. As per DBI documentation, all class variables must be prefixed with -"private_". See L<DBI>. +"private_". See L<DBI|https://metacpan.org/pod/DBI>. =back @@ -2242,7 +2242,8 @@ These methods return information about data in the database. Returns the last serial number, usually from a previous INSERT. Must be executed directly following the relevant INSERT. -This base implementation uses L<DBI/last_insert_id>. If the +This base implementation uses DBI's +L<last_insert_id|https://metacpan.org/pod/DBI#last_insert_id>. If the DBD supports it, it is the preffered way to obtain the last serial index. If it is not supported, the DB-specific code needs to override this function. @@ -2692,7 +2693,7 @@ our check for implementation of C<new> by derived class useless. =head1 SEE ALSO -L<DBI> +L<DBI|https://metacpan.org/pod/DBI> L<Bugzilla::Constants/DB_MODULE> diff --git a/Bugzilla/Install/Requirements.pm b/Bugzilla/Install/Requirements.pm index f723543b8..a688a0ffa 100644 --- a/Bugzilla/Install/Requirements.pm +++ b/Bugzilla/Install/Requirements.pm @@ -415,7 +415,13 @@ sub OPTIONAL_MODULES { module => 'File::Copy::Recursive', version => 0, feature => ['documentation'], - } + }, + { + package => 'File-Which', + module => 'File::Which', + version => 0, + feature => ['documentation'], + }, ); my $extra_modules = _get_extension_requirements('OPTIONAL_MODULES'); diff --git a/Bugzilla/Mailer.pm b/Bugzilla/Mailer.pm index 0b82ded41..196c57ec0 100644 --- a/Bugzilla/Mailer.pm +++ b/Bugzilla/Mailer.pm @@ -41,6 +41,8 @@ sub MessageToMTA { return; } + my $dbh = Bugzilla->dbh; + my $email; if (ref $msg) { $email = $msg; @@ -58,11 +60,14 @@ sub MessageToMTA { # email immediately, in case the transaction is rolled back. Instead we # insert it into the mail_staging table, and bz_commit_transaction calls # send_staged_mail() after the transaction is committed. - if (! $send_now && Bugzilla->dbh->bz_in_transaction()) { + if (! $send_now && $dbh->bz_in_transaction()) { # The e-mail string may contain tainted values. my $string = $email->as_string; trick_taint($string); - Bugzilla->dbh->do("INSERT INTO mail_staging (message) VALUES(?)", undef, $string); + + my $sth = $dbh->prepare("INSERT INTO mail_staging (message) VALUES (?)"); + $sth->bind_param(1, $string, $dbh->BLOB_TYPE); + $sth->execute; return; } @@ -214,17 +219,14 @@ sub build_thread_marker { sub send_staged_mail { my $dbh = Bugzilla->dbh; - my @ids; - my $emails - = $dbh->selectall_arrayref("SELECT id, message FROM mail_staging"); - foreach my $row (@$emails) { - MessageToMTA($row->[1]); - push(@ids, $row->[0]); - } + my $emails = $dbh->selectall_arrayref('SELECT id, message FROM mail_staging'); + my $sth = $dbh->prepare('DELETE FROM mail_staging WHERE id = ?'); - if (@ids) { - $dbh->do("DELETE FROM mail_staging WHERE " . $dbh->sql_in('id', \@ids)); + foreach my $email (@$emails) { + my ($id, $message) = @$email; + MessageToMTA($message); + $sth->execute($id); } } diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm index cd33efd89..92c69d483 100644 --- a/Bugzilla/Template.pm +++ b/Bugzilla/Template.pm @@ -1170,6 +1170,17 @@ sub create { return \@optional; }, 'default_authorizer' => sub { return Bugzilla::Auth->new() }, + + 'login_not_email' => sub { + my $params = Bugzilla->params; + my $cache = Bugzilla->request_cache; + + return $cache->{login_not_email} //= + ($params->{emailsuffix} + || ($params->{user_verify_class} =~ /LDAP/ && $params->{LDAPmailattribute}) + || ($params->{user_verify_class} =~ /RADIUS/ && $params->{RADIUS_email_suffix})) + ? 1 : 0; + }, }, }; # Use a per-process provider to cache compiled templates in memory across diff --git a/Bugzilla/Token.pm b/Bugzilla/Token.pm index 84d86b8c6..28122e818 100644 --- a/Bugzilla/Token.pm +++ b/Bugzilla/Token.pm @@ -28,6 +28,8 @@ use parent qw(Exporter); check_token_data delete_token issue_hash_token check_hash_token); +use constant SEND_NOW => 1; + ################################################################################ # Public Functions ################################################################################ @@ -84,43 +86,49 @@ sub issue_new_user_account_token { # who made the request, and so it is reasonable to send the email in the same # language used to view the "Create a New Account" page (we cannot use their # user prefs as the user has no account yet!). - MessageToMTA($message); + MessageToMTA($message, SEND_NOW); } sub IssueEmailChangeToken { - my ($user, $new_email) = @_; - my $email_suffix = Bugzilla->params->{'emailsuffix'}; - my $old_email = $user->login; - - my ($token, $token_ts) = _create_token($user->id, 'emailold', $old_email . ":" . $new_email); + my $new_email = shift; + my $user = Bugzilla->user; - my $newtoken = _create_token($user->id, 'emailnew', $old_email . ":" . $new_email); + my ($token, $token_ts) = _create_token($user->id, 'emailold', $user->login . ":$new_email"); + my $newtoken = _create_token($user->id, 'emailnew', $user->login . ":$new_email"); # Mail the user the token along with instructions for using it. my $template = Bugzilla->template_inner($user->setting('lang')); my $vars = {}; - $vars->{'oldemailaddress'} = $old_email . $email_suffix; - $vars->{'newemailaddress'} = $new_email . $email_suffix; + $vars->{'newemailaddress'} = $new_email . Bugzilla->params->{'emailsuffix'}; $vars->{'expiration_ts'} = ctime($token_ts + MAX_TOKEN_AGE * 86400); - $vars->{'token'} = $token; - $vars->{'emailaddress'} = $old_email . $email_suffix; + + # First send an email to the new address. If this one doesn't exist, + # then the whole process must stop immediately. This means the email must + # be sent immediately and must not be stored in the queue. + $vars->{'token'} = $newtoken; my $message; - $template->process("account/email/change-old.txt.tmpl", $vars, \$message) + $template->process('account/email/change-new.txt.tmpl', $vars, \$message) || ThrowTemplateError($template->error()); - MessageToMTA($message); + MessageToMTA($message, SEND_NOW); - $vars->{'token'} = $newtoken; - $vars->{'emailaddress'} = $new_email . $email_suffix; + # If we come here, then the new address exists. We now email the current + # address, but we don't want to stop the process if it no longer exists, + # to give a chance to the user to confirm the email address change. + $vars->{'token'} = $token; - $message = ""; - $template->process("account/email/change-new.txt.tmpl", $vars, \$message) + $message = ''; + $template->process('account/email/change-old.txt.tmpl', $vars, \$message) || ThrowTemplateError($template->error()); - MessageToMTA($message); + eval { MessageToMTA($message, SEND_NOW); }; + + # Give the user a chance to cancel the process even if he never got + # the email above. The token is required. + return $token; } # Generates a random token, adds it to the tokens table, and sends it @@ -507,17 +515,15 @@ Bugzilla::Token - Provides different routines to manage tokens. Returns: Nothing. It throws an error if the same user made the same request in the last few minutes. -=item C<sub IssueEmailChangeToken($user, $new_email)> +=item C<sub IssueEmailChangeToken($new_email)> Description: Sends two distinct tokens per email to the old and new email addresses to confirm the email address change for the given user. These tokens remain valid for the next MAX_TOKEN_AGE days. - Params: $user - User object of the user requesting a new - email address. - $new_email - The new email address of the user. + Params: $new_email - The new email address of the user. - Returns: Nothing. + Returns: The token to cancel the request. =item C<IssuePasswordToken($user)> diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm index e63be93dd..6cfef6db5 100644 --- a/Bugzilla/User.pm +++ b/Bugzilla/User.pm @@ -2403,6 +2403,9 @@ sub check_account_creation_enabled { sub check_and_send_account_creation_confirmation { my ($self, $login) = @_; + my $dbh = Bugzilla->dbh; + + $dbh->bz_start_transaction; $login = $self->check_login_name($login); my $creation_regexp = Bugzilla->params->{'createemailregexp'}; @@ -2417,6 +2420,8 @@ sub check_and_send_account_creation_confirmation { # Create and send a token for this new account. require Bugzilla::Token; Bugzilla::Token::issue_new_user_account_token($login); + + $dbh->bz_commit_transaction; } # This is used in a few performance-critical areas where we don't want to diff --git a/Bugzilla/UserAgent.pm b/Bugzilla/UserAgent.pm index 6ceb9d3c5..14637038c 100644 --- a/Bugzilla/UserAgent.pm +++ b/Bugzilla/UserAgent.pm @@ -106,6 +106,7 @@ use constant OS_MAP => ( qr/\(.*Android.*\)/ => ["Android"], # Windows qr/\(.*Windows XP.*\)/ => ["Windows XP"], + qr/\(.*Windows NT 10\.0.*\)/ => ["Windows 10"], qr/\(.*Windows NT 6\.4.*\)/ => ["Windows 10"], qr/\(.*Windows NT 6\.3.*\)/ => ["Windows 8.1"], qr/\(.*Windows NT 6\.2.*\)/ => ["Windows 8"], diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm index 670f5f8f2..037b38648 100644 --- a/Bugzilla/Util.pm +++ b/Bugzilla/Util.pm @@ -676,12 +676,18 @@ sub validate_email_syntax { # RFC 2822 section 2.1 specifies that email addresses must # be made of US-ASCII characters only. # Email::Address::addr_spec doesn't enforce this. - my $ret = ($addr =~ /$match/ && $email !~ /\P{ASCII}/ && $email =~ /^$addr_spec$/); - if ($ret) { + # We set the max length to 127 to ensure addresses aren't truncated when + # inserted into the tokens.eventdata field. + if ($addr =~ /$match/ + && $email !~ /\P{ASCII}/ + && $email =~ /^$addr_spec$/ + && length($email) <= 127) + { # We assume these checks to suffice to consider the address untainted. trick_taint($_[0]); + return 1; } - return $ret ? 1 : 0; + return 0; } sub check_email_syntax { diff --git a/Bugzilla/WebService/Bug.pm b/Bugzilla/WebService/Bug.pm index 127ea40bb..c99651201 100644 --- a/Bugzilla/WebService/Bug.pm +++ b/Bugzilla/WebService/Bug.pm @@ -2639,7 +2639,7 @@ from the Bugzilla database to fetch. If it contains any non-numeric characters, it is considered to be a bug alias instead, and the data bug with that alias will be loaded. -item C<new_since> +=item C<new_since> C<dateTime> If specified, the method will only return changes I<newer> than this time. diff --git a/checksetup.pl b/checksetup.pl index cf124b8e2..5dda0df6f 100755 --- a/checksetup.pl +++ b/checksetup.pl @@ -458,8 +458,6 @@ The format of that file is as follows: $answer{'ADMIN_PASSWORD'} = 'fooey'; $answer{'ADMIN_REALNAME'} = 'Joel Peshkin'; - $answer{'SMTP_SERVER'} = 'mail.mydomain.net'; - $answer{'NO_PAUSE'} = 1 C<NO_PAUSE> means "never stop and prompt the user to hit Enter to continue, diff --git a/docs/en/rst/installing/apache.rst b/docs/en/rst/installing/apache.rst index fe734b222..856512a7f 100644 --- a/docs/en/rst/installing/apache.rst +++ b/docs/en/rst/installing/apache.rst @@ -77,6 +77,14 @@ or, if not found, :file:`index.html` if someone only types the directory name into the browser; and allows Bugzilla's :file:`.htaccess` files to override some global permissions. +On some Linux distributions you will need to enable the Apache CGI +module. On Debian/Ubuntu, this is done with: + +:command:`sudo a2enmod cgi` + +If you find that the webserver is returning the Perl code as text rather +than executing it, then this is the problem. + .. _apache-mod_perl: Apache with mod_perl diff --git a/docs/en/rst/installing/linux.rst b/docs/en/rst/installing/linux.rst index b434f9e8e..0dad2056e 100644 --- a/docs/en/rst/installing/linux.rst +++ b/docs/en/rst/installing/linux.rst @@ -45,6 +45,7 @@ If you want to install a version of Bugzilla from the Bugzilla project, you will instead need: :command:`yum install httpd mysql-server mod_perl mod_perl-devel httpd-devel +gd-devel mysql-devel graphviz patchutils gcc 'perl(Apache2::SizeLimit)' 'perl(Authen::Radius)' 'perl(Authen::SASL)' 'perl(Cache::Memcached)' 'perl(CGI)' 'perl(Chart::Lines)' 'perl(Daemon::Generic)' 'perl(Date::Format)' 'perl(DateTime)' @@ -63,7 +64,7 @@ graphviz patchutils gcc 'perl(Apache2::SizeLimit)' 'perl(Authen::Radius)' If you are running RHEL6, you will have to enable the "RHEL Server Optional" channel in RHN to get some of those packages. -If you plan to use SQlite as your database, you will need to also install +If you plan to use a database other than MySQL, you will need to also install the appropriate packages for that. Ubuntu and Debian @@ -83,9 +84,10 @@ libjson-rpc-perl libdaemon-generic-perl libtheschwartz-perl libtest-taint-perl libauthen-radius-perl libfile-slurp-perl libencode-detect-perl libmodule-build-perl libnet-ldap-perl libauthen-sasl-perl libtemplate-perl-doc libfile-mimeinfo-perl -libhtml-formattext-withlinks-perl libgd-dev lynx-cur graphviz python-sphinx` +libhtml-formattext-withlinks-perl libgd-dev libmysqlclient-dev lynx-cur +graphviz python-sphinx` -If you plan to use SQlite as your database, you will need to also install +If you plan to use a database other than MySQL, you will need to also install the appropriate packages for that. Gentoo @@ -118,7 +120,7 @@ Bugzilla The best way to get Bugzilla is to check it out from git: -:command:`git clone --branch bugzilla-X.X-stable https://git.mozilla.org/bugzilla/bugzilla` +:command:`git clone --branch release-X.X-stable https://git.mozilla.org/bugzilla/bugzilla` Run the above command in your home directory, replacing "X.X" with the 2-digit version number of the stable release of Bugzilla that you want - e.g. "4.4". @@ -171,16 +173,6 @@ Or, you can pass an individual module name: :command:`./install-module.pl <modulename>` -.. note:: If you are using a package-based distribution, and attempting to - install the Perl modules from CPAN (e.g. by using :file:`install-module.pl`), - you may need to install the "development" - packages for MySQL and GD before attempting to install the related Perl - modules. The names of these packages will vary depending on the specific - distribution you are using, but are often called :file:`<packagename>-devel`. - - .. todo:: Give examples for Debian/Ubuntu and RedHat. - Convert this item to a bug after checkin. - .. _linux-config-webserver: Web Server diff --git a/docs/en/rst/installing/mac-os-x.rst b/docs/en/rst/installing/mac-os-x.rst index 545d2fa27..b18a5ec31 100644 --- a/docs/en/rst/installing/mac-os-x.rst +++ b/docs/en/rst/installing/mac-os-x.rst @@ -28,7 +28,7 @@ Bugzilla The best way to get Bugzilla is to check it out from git: -:command:`git clone --branch bugzilla-X.X-stable https://git.mozilla.org/bugzilla/bugzilla` +:command:`git clone --branch release-X.X-stable https://git.mozilla.org/bugzilla/bugzilla` Run the above command in your home directory, replacing "X.X" with the 2-digit version number of the stable release of Bugzilla that you want - e.g. "4.4". diff --git a/docs/en/rst/installing/migrating-from-bzr.rst b/docs/en/rst/installing/migrating-from-bzr.rst index da6809a01..c9b0f3e83 100644 --- a/docs/en/rst/installing/migrating-from-bzr.rst +++ b/docs/en/rst/installing/migrating-from-bzr.rst @@ -8,4 +8,25 @@ Migrating from Bazaar .. |extstatusinfo| replace:: The command :command:`bzr status extensions/` should help you work out what you added, if anything. .. include:: migrating-from-1.inc.rst + +The old bzr.mozilla.org server has been decommissioned. This may not +be a problem but, in some cases, running some of the commands below will +make :command:`bzr` attempt to contact the server and time out. If and +only if that happens to you, you will need to switch to the new server, +as follows. Enter your Bugzilla directory and run: + +:command:`bzr info` + +and look at the Location: section of the output. +If it says "light checkout root" then run: + +:command:`bzr -Ossl.cert_reqs=none switch https://bzr.bugzilla.org/bugzilla/$VERSION` + +Alternatively, if it says "branch root" or "checkout root" then run: + +:command:`bzr -Ossl.cert_reqs=none pull --remember https://bzr.bugzilla.org/bugzilla/$VERSION` + +Replace $VERSION with the two-digit version number of your current +Bugzilla, e.g. "4.2" (see below for how to find that). + .. include:: migrating-from-2.inc.rst diff --git a/docs/en/rst/installing/quick-start.rst b/docs/en/rst/installing/quick-start.rst index ace2106ee..c9c7b2d26 100644 --- a/docs/en/rst/installing/quick-start.rst +++ b/docs/en/rst/installing/quick-start.rst @@ -50,7 +50,7 @@ Install Prerequisites :command:`apt-get install git nano` -:command:`apt-get install apache2 mysql-server libappconfig-perl libdate-calc-perl libtemplate-perl libmime-perl build-essential libdatetime-timezone-perl libdatetime-perl libemail-sender-perl libemail-mime-perl libemail-mime-modifier-perl libdbi-perl libdbd-mysql-perl libcgi-pm-perl libmath-random-isaac-perl libmath-random-isaac-xs-perl apache2-mpm-prefork libapache2-mod-perl2 libapache2-mod-perl2-dev libchart-perl libxml-perl libxml-twig-perl perlmagick libgd-graph-perl libtemplate-plugin-gd-perl libsoap-lite-perl libhtml-scrubber-perl libjson-rpc-perl libdaemon-generic-perl libtheschwartz-perl libtest-taint-perl libauthen-radius-perl libfile-slurp-perl libencode-detect-perl libmodule-build-perl libnet-ldap-perl libauthen-sasl-perl libtemplate-perl-doc libfile-mimeinfo-perl libhtml-formattext-withlinks-perl libgd-dev lynx-cur python-sphinx` +:command:`apt-get install apache2 mysql-server libappconfig-perl libdate-calc-perl libtemplate-perl libmime-perl build-essential libdatetime-timezone-perl libdatetime-perl libemail-sender-perl libemail-mime-perl libemail-mime-modifier-perl libdbi-perl libdbd-mysql-perl libcgi-pm-perl libmath-random-isaac-perl libmath-random-isaac-xs-perl apache2-mpm-prefork libapache2-mod-perl2 libapache2-mod-perl2-dev libchart-perl libxml-perl libxml-twig-perl perlmagick libgd-graph-perl libtemplate-plugin-gd-perl libsoap-lite-perl libhtml-scrubber-perl libjson-rpc-perl libdaemon-generic-perl libtheschwartz-perl libtest-taint-perl libauthen-radius-perl libfile-slurp-perl libencode-detect-perl libmodule-build-perl libnet-ldap-perl libauthen-sasl-perl libtemplate-perl-doc libfile-mimeinfo-perl libhtml-formattext-withlinks-perl libgd-dev libmysqlclient-dev lynx-cur graphviz python-sphinx` This will take a little while. It's split into two commands so you can do the next steps (up to step 7) in another terminal while you wait for the @@ -66,7 +66,7 @@ Get it from our Git repository: :command:`rm -rf html` -:command:`git clone --branch bugzilla-X.X-stable https://git.mozilla.org/bugzilla/bugzilla html` +:command:`git clone --branch release-X.X-stable https://git.mozilla.org/bugzilla/bugzilla html` (where "X.X" is the 2-digit version number of the stable release of Bugzilla that you want - e.g. 4.4) @@ -85,7 +85,7 @@ Set the following values, which increase the maximum attachment size and make it possible to search for short words and terms: * Alter on Line 52: ``max_allowed_packet=100M`` -* Add as new line 31, in the ``[mysqld]`` section: ``ft_min_word_len=2`` +* Add as new line 32, in the ``[mysqld]`` section: ``ft_min_word_len=2`` Save and exit. diff --git a/docs/en/rst/installing/upgrading-with-git.rst b/docs/en/rst/installing/upgrading-with-git.rst index 78b4fb1e0..075ff8902 100644 --- a/docs/en/rst/installing/upgrading-with-git.rst +++ b/docs/en/rst/installing/upgrading-with-git.rst @@ -54,7 +54,7 @@ you can get the latest point release of your current version by simply doing: If you want to upgrade to a newer release of Bugzilla, then you will additionally need to do: -:command:`git checkout bugzilla-X.X-stable` +:command:`git checkout release-X.X-stable` where "X.X" is the 2-digit version number of the stable version you want to upgrade to (e.g. "4.4"). diff --git a/docs/en/rst/installing/windows.rst b/docs/en/rst/installing/windows.rst index c182bd084..bf33ca330 100644 --- a/docs/en/rst/installing/windows.rst +++ b/docs/en/rst/installing/windows.rst @@ -34,7 +34,7 @@ Bugzilla The best way to get Bugzilla is to check it out from git. Download and install git from the `git website <http://git-scm.com/download>`_, and then run: -:command:`git clone --branch bugzilla-X.X-stable https://git.mozilla.org/bugzilla/bugzilla C:\\bugzilla` +:command:`git clone --branch release-X.X-stable https://git.mozilla.org/bugzilla/bugzilla C:\\bugzilla` where "X.X" is the 2-digit version number of the stable release of Bugzilla that you want (e.g. 4.4). diff --git a/editusers.cgi b/editusers.cgi index a38195a4b..37665b12d 100755 --- a/editusers.cgi +++ b/editusers.cgi @@ -70,7 +70,8 @@ if ($action eq 'search') { my $matchstr = trim($cgi->param('matchstr')); my $matchtype = $cgi->param('matchtype'); my $grouprestrict = $cgi->param('grouprestrict') || '0'; - my $is_enabled = scalar $cgi->param('is_enabled'); + # 0 = disabled only, 1 = enabled only, 2 = everyone + my $is_enabled = $cgi->param('is_enabled') // 2; my $query = 'SELECT DISTINCT userid, login_name, realname, is_enabled, ' . $dbh->sql_date_format('last_seen_date', '%Y-%m-%d') . ' AS last_seen_date ' . 'FROM profiles'; @@ -163,11 +164,12 @@ if ($action eq 'search') { } detaint_natural($is_enabled); - if ($is_enabled == 0 || $is_enabled == 1) { + if ($is_enabled && ($is_enabled == 0 || $is_enabled == 1)) { $query .= " $nextCondition profiles.is_enabled = ?"; $nextCondition = 'AND'; push(@bindValues, $is_enabled); } + $query .= ' ORDER BY profiles.login_name'; $vars->{'users'} = $dbh->selectall_arrayref($query, diff --git a/extensions/Voting/Extension.pm b/extensions/Voting/Extension.pm index 8009f16bb..b125933ce 100644 --- a/extensions/Voting/Extension.pm +++ b/extensions/Voting/Extension.pm @@ -610,7 +610,7 @@ sub _update_votes { $sth_getVotes->execute($id); my $v = $sth_getVotes->fetchrow_array || 0; $sth_updateVotes->execute($v, $id); - + $bugs{$id}->{votes} = $v if $bugs{$id}; my $confirmed = _confirm_if_vote_confirmed($bugs{$id} || $id); push (@updated_bugs, $id) if $confirmed; } diff --git a/js/field.js b/js/field.js index 2193c40eb..e4744f5e0 100644 --- a/js/field.js +++ b/js/field.js @@ -506,7 +506,8 @@ function handleVisControllerValueChange(e, args) { var controller = args[1]; var values = args[2]; - var label_container = + var field = document.getElementById(controlled_id); + var label_container = document.getElementById('field_label_' + controlled_id); var field_container = document.getElementById('field_container_' + controlled_id); @@ -521,10 +522,45 @@ function handleVisControllerValueChange(e, args) { if (selected) { YAHOO.util.Dom.removeClass(label_container, 'bz_hidden_field'); YAHOO.util.Dom.removeClass(field_container, 'bz_hidden_field'); + /* If a custom field such as a textarea field contains some text, then + * its content is visible by default as a readonly field (assuming that + * the field is displayed). But if such a custom field contains no text, + * then it's not displayed at all and an (edit) link is displayed instead. + * This is problematic if the custom field is mandatory, because at least + * Firefox complains that you must enter a value, but is unable to point + * to the custom field because this one is hidden, and so the user has + * to guess what the web browser is talking about, which is confusing. + * So in that case, we display the custom field automatically instead of + * the (edit) link, so that the user can enter some text in it. + */ + var field_readonly = document.getElementById(controlled_id + '_readonly'); + + if (!field_readonly) { + var field_input = document.getElementById(controlled_id + '_input'); + var edit_container = + document.getElementById(controlled_id + '_edit_container'); + + if (field_input) { + YAHOO.util.Dom.removeClass(field_input, 'bz_default_hidden'); + } + if (edit_container) { + YAHOO.util.Dom.addClass(edit_container, 'bz_hidden_field'); + } + } + // Restore the 'required' attribute for mandatory fields. + if (field.getAttribute('data-required') == "true") { + field.setAttribute('required', 'true'); + field.setAttribute('aria-required', 'true'); + } } else { YAHOO.util.Dom.addClass(label_container, 'bz_hidden_field'); YAHOO.util.Dom.addClass(field_container, 'bz_hidden_field'); + // A hidden field must never be required, because the user cannot set it. + if (field.getAttribute('data-required') == "true") { + field.removeAttribute('required'); + field.removeAttribute('aria-required'); + } } } diff --git a/process_bug.cgi b/process_bug.cgi index b3ed2d36a..216dfbf1b 100755 --- a/process_bug.cgi +++ b/process_bug.cgi @@ -348,7 +348,7 @@ if (defined $cgi->param('id')) { # Tags can only be set to one bug at once. if (should_set('tag')) { - my @new_tags = split(/[\s,]+/, $cgi->param('tag')); + my @new_tags = grep { trim($_) } split(/,/, $cgi->param('tag')); my ($tags_removed, $tags_added) = diff_arrays($first_bug->tags, \@new_tags); $first_bug->remove_tag($_) foreach @$tags_removed; $first_bug->add_tag($_) foreach @$tags_added; diff --git a/taskgraph.json b/taskgraph.json index 6d507fb20..f292653be 100644 --- a/taskgraph.json +++ b/taskgraph.json @@ -13,8 +13,8 @@ "metadata": { "name": "Basic Sanity Tests" }, - "provisionerId": "aws-provisioner", - "workerType": "gaia", + "provisionerId": "aws-provisioner-v1", + "workerType": "b2gtest", "payload": { "image": "dklawren/docker-bugzilla", "command": ["/runtests.sh"], @@ -31,9 +31,6 @@ }, "extra": { "treeherder": { - "machine": { - "platform": "5.0" - }, "symbol": "San" } } @@ -46,8 +43,8 @@ "metadata": { "name": "Documentation Build Test" }, - "provisionerId": "aws-provisioner", - "workerType": "gaia", + "provisionerId": "aws-provisioner-v1", + "workerType": "b2gtest", "payload": { "image": "dklawren/docker-bugzilla", "command": ["/runtests.sh"], @@ -64,9 +61,6 @@ }, "extra": { "treeherder": { - "machine": { - "platform": "5.0" - }, "symbol": "Doc" } } @@ -79,8 +73,8 @@ "metadata": { "name": "WebService API Tests (MySQL)" }, - "provisionerId": "aws-provisioner", - "workerType": "gaia", + "provisionerId": "aws-provisioner-v1", + "workerType": "b2gtest", "payload": { "image": "dklawren/docker-bugzilla", "command": ["/runtests.sh"], @@ -102,9 +96,6 @@ }, "extra": { "treeherder": { - "machine": { - "platform": "5.0" - }, "symbol": "API" } } @@ -117,8 +108,8 @@ "metadata": { "name": "Selenium Tests (MySQL)" }, - "provisionerId": "aws-provisioner", - "workerType": "gaia", + "provisionerId": "aws-provisioner-v1", + "workerType": "b2gtest", "payload": { "image": "dklawren/docker-bugzilla", "command": ["/runtests.sh"], @@ -145,9 +136,6 @@ }, "extra": { "treeherder": { - "machine": { - "platform": "5.0" - }, "symbol": "Sel" } } @@ -160,8 +148,8 @@ "metadata": { "name": "WebService API Tests (Pg)" }, - "provisionerId": "aws-provisioner", - "workerType": "gaia", + "provisionerId": "aws-provisioner-v1", + "workerType": "b2gtest", "payload": { "image": "dklawren/docker-bugzilla:pgsql", "command": ["/runtests.sh"], @@ -183,9 +171,6 @@ }, "extra": { "treeherder": { - "machine": { - "platform": "5.0" - }, "symbol": "API-Pg" } } @@ -198,8 +183,8 @@ "metadata": { "name": "Selenium Tests (Pg)" }, - "provisionerId": "aws-provisioner", - "workerType": "gaia", + "provisionerId": "aws-provisioner-v1", + "workerType": "b2gtest", "payload": { "image": "dklawren/docker-bugzilla:pgsql", "command": ["/runtests.sh"], @@ -226,9 +211,6 @@ }, "extra": { "treeherder": { - "machine": { - "platform": "5.0" - }, "symbol": "Sel-Pg" } } diff --git a/template/en/default/account/auth/login-small.html.tmpl b/template/en/default/account/auth/login-small.html.tmpl index 790c135bf..65aa861a1 100644 --- a/template/en/default/account/auth/login-small.html.tmpl +++ b/template/en/default/account/auth/login-small.html.tmpl @@ -34,7 +34,7 @@ id="mini_login[% qs_suffix FILTER html %]"> <input id="Bugzilla_login[% qs_suffix FILTER html %]" required name="Bugzilla_login" class="bz_login" - [% IF Param('emailsuffix') %] + [% IF login_not_email %] placeholder="Login" [% ELSE %] type="email" placeholder="Email Address" @@ -64,7 +64,7 @@ class="mini_forgot bz_default_hidden"> <label for="login[% qs_suffix FILTER html %]">Login:</label> <input name="loginname" size="20" id="login[% qs_suffix FILTER html %]" required - [% IF Param('emailsuffix') %] + [% IF login_not_email %] placeholder="Your Login" [% ELSE %] type="email" placeholder="Your Email Address" diff --git a/template/en/default/account/auth/login.html.tmpl b/template/en/default/account/auth/login.html.tmpl index 0af84542d..32ab14c9e 100644 --- a/template/en/default/account/auth/login.html.tmpl +++ b/template/en/default/account/auth/login.html.tmpl @@ -30,7 +30,7 @@ <tr> <th> <label for="Bugzilla_login"> - [% IF Param('emailsuffix') %] + [% IF login_not_email %] Login: [% ELSE %] Your Email Address: @@ -39,7 +39,7 @@ </th> <td> <input size="35" id="Bugzilla_login" name="Bugzilla_login" - [%- ' type="email"' UNLESS Param('emailsuffix') %] autofocus required> + [%- ' type="email"' UNLESS login_not_email %] autofocus required> [% Param('emailsuffix') FILTER html %] </td> </tr> diff --git a/template/en/default/account/email/change-new.txt.tmpl b/template/en/default/account/email/change-new.txt.tmpl index a6c54a773..f32abd80d 100644 --- a/template/en/default/account/email/change-new.txt.tmpl +++ b/template/en/default/account/email/change-new.txt.tmpl @@ -7,12 +7,12 @@ #%] From: [% Param('mailfrom') %] -To: [% emailaddress %] +To: [% newemailaddress %] Subject: [% terms.Bugzilla %] Change Email Address Request X-Bugzilla-Type: admin [%+ terms.Bugzilla %] has received a request to change the email address -for the account [% oldemailaddress %] to your address. +for the account [% user.email %] to your address. To confirm the change, visit the following link: diff --git a/template/en/default/account/email/change-old.txt.tmpl b/template/en/default/account/email/change-old.txt.tmpl index 24b90a2b0..400004c5a 100644 --- a/template/en/default/account/email/change-old.txt.tmpl +++ b/template/en/default/account/email/change-old.txt.tmpl @@ -7,7 +7,7 @@ #%] From: [% Param('mailfrom') %] -To: [% emailaddress %] +To: [% user.email %] Subject: [% terms.Bugzilla %] Change Email Address Request Importance: High X-MSMail-Priority: High diff --git a/template/en/default/account/prefs/apikey.html.tmpl b/template/en/default/account/prefs/apikey.html.tmpl index bed3f3809..71d4ac854 100644 --- a/template/en/default/account/prefs/apikey.html.tmpl +++ b/template/en/default/account/prefs/apikey.html.tmpl @@ -16,7 +16,7 @@ one API key if required. Each API key has an optional description which can help you record what each key is used for. Documentation on how to log in is available from - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService.html#LOGGING_IN">here</a>. + <a href="[% docs_urlbase FILTER html %]api/core/v1/general.html#authentication">here</a>. </p> <h3>Existing API keys</h3> diff --git a/template/en/default/account/prefs/prefs.html.tmpl b/template/en/default/account/prefs/prefs.html.tmpl index 8875eb26f..5de0bf422 100644 --- a/template/en/default/account/prefs/prefs.html.tmpl +++ b/template/en/default/account/prefs/prefs.html.tmpl @@ -76,6 +76,10 @@ In order to confirm your request, we have sent an email to your new email address. As a precaution, an email has also been sent to your old address allowing you to cancel this change if needed. + If you don't receive the email, you can + <a href="token.cgi?t=[% email_token FILTER uri %]&a=cxlem"> + cancel the email address change</a> from here if you wish (especially + if you mistyped the new email address). </p> [% END %] </div> diff --git a/template/en/default/admin/params/dependencygraph.html.tmpl b/template/en/default/admin/params/dependencygraph.html.tmpl index 64a334a20..6ef25807c 100644 --- a/template/en/default/admin/params/dependencygraph.html.tmpl +++ b/template/en/default/admin/params/dependencygraph.html.tmpl @@ -34,10 +34,10 @@ for other systems the needed measures may vary. You can run <kbd>checksetup.pl</kbd> to recreate the .htaccess file if it has been lost.", - font_file => "You can specify the full path to a TrueType font file which will be used " _ - "to display text (labels, legends, ...) in charts and graphical reports. " _ - "To support as many languages as possible, we recommend to specify a TrueType " _ - "font such as <a href=\"http://unifoundry.com/unifont.html\">Unifont</a> " _ + font_file => "You can specify the full path to a TrueType or OpenType font file which will " _ + "be used to display text (labels, legends, ...) in charts and graphical reports. " _ + "To support as many languages as possible, we recommend to specify a font " _ + "such as <a href=\"http://unifoundry.com/unifont.html\">Unifont</a> " _ "which supports all printable characters in the Basic Multilingual Plane. " _ "If you leave this parameter empty, a default font will be used, but " _ "its support is limited to English characters only and so other characters " _ diff --git a/template/en/default/admin/settings/edit.html.tmpl b/template/en/default/admin/settings/edit.html.tmpl index 86fb79e7b..75766fcc2 100644 --- a/template/en/default/admin/settings/edit.html.tmpl +++ b/template/en/default/admin/settings/edit.html.tmpl @@ -44,7 +44,7 @@ <th>Enabled</th> </tr> - [% FOREACH name = settings.keys %] + [% FOREACH name = settings.keys.sort %] [% checkbox_name = name _ '-enabled' %] <tr> <td> diff --git a/template/en/default/bug/comments.html.tmpl b/template/en/default/bug/comments.html.tmpl index f4f79ec5c..931716f76 100644 --- a/template/en/default/bug/comments.html.tmpl +++ b/template/en/default/bug/comments.html.tmpl @@ -47,6 +47,7 @@ [% DEFAULT mode = "show" %] [% user_cache = template_cache.users %] [% can_edit_comments = bug.check_can_change_field('longdesc', 0, 1) %] +[% can_tag_comments = feature_enabled('jsonrpc') AND user.can_tag_comments %] <!-- This auto-sizes the comments and positions the collapse/expand links to the right. --> @@ -120,7 +121,7 @@ <span class="bz_collapsed_actions"> [% END %] [% IF can_edit_comments %] - [% IF user.can_tag_comments %] + [% IF can_tag_comments %] [<a href="#" onclick="YAHOO.bugzilla.commentTagging.toggle([% comment.id %], [% comment.count %]);return false">tag</a>] [% END %] diff --git a/template/en/default/bug/edit.html.tmpl b/template/en/default/bug/edit.html.tmpl index e1ce3fffe..5f6fd60b4 100644 --- a/template/en/default/bug/edit.html.tmpl +++ b/template/en/default/bug/edit.html.tmpl @@ -229,20 +229,12 @@ [%# PRODUCT #%] [%#############%] <tr> - [% INCLUDE "bug/field-label.html.tmpl" - field = bug_fields.product - desc_url = 'describecomponents.cgi' - value = bug.product - %] - <td class="field_value" id="field_container_product"> - [% INCLUDE "global/product-select.html.tmpl" - id => "product" - name => "product" - value => bug.product - products => bug.choices.product - isselect => bug.check_can_change_field('product', 0, 1) - %] - </td> + [% INCLUDE bug/field.html.tmpl + bug = bug, field = bug_fields.product, value = bug.product + override_legal_values = bug.choices.product + desc_url = "describecomponents.cgi" + editable = bug.check_can_change_field('product', 0, 1) + %] </tr> [%# Classification is here so that it can be used in value controllers diff --git a/template/en/default/bug/field.html.tmpl b/template/en/default/bug/field.html.tmpl index f1ddf633f..cdf15fbd8 100644 --- a/template/en/default/bug/field.html.tmpl +++ b/template/en/default/bug/field.html.tmpl @@ -42,14 +42,21 @@ name="[% field.name FILTER html %]" value="[% value FILTER html %]" size="40" maxlength="[% constants.MAX_FREETEXT_LENGTH FILTER none %]" - [% IF field.type == constants.FIELD_TYPE_INTEGER %] pattern="\d+[% IF dontchange %]|[% dontchange FILTER html %][% END %]" [% END %] - [% ' aria-required="true" required' IF field.is_mandatory %]> + [% IF field.type == constants.FIELD_TYPE_INTEGER %] + pattern="-?\d+[% IF dontchange %]|[% dontchange FILTER html %][% END %]" + title="The value must be a valid positive or negative integer" + [% END %] + [% IF field.is_mandatory %] + data-required="true" [% 'aria-required="true" required' UNLESS field_hidden %] + [% END %]> [% CASE [constants.FIELD_TYPE_DATETIME, constants.FIELD_TYPE_DATE] %] [% size = (field.type == constants.FIELD_TYPE_DATE) ? 10 : 20 %] <input name="[% field.name FILTER html %]" size="[% size FILTER none %]" id="[% field.name FILTER html %]" value="[% value FILTER html %]" - [% ' aria-required="true" required' IF field.is_mandatory %] + [% IF field.is_mandatory %] + data-required="true" [% 'aria-required="true" required' UNLESS field_hidden %] + [% END %] onchange="updateCalendarFromField(this)"> <button type="button" class="calendar_button" id="button_calendar_[% field.name FILTER html %]" @@ -67,8 +74,9 @@ <span id="[% field.name FILTER html %]_input_area"> <input name="[% field.name FILTER html %]" id="[% field.name FILTER html %]" value="[% value FILTER html %]" size="7" - [% ' aria-required="true" required' IF field.is_mandatory %]> - + [% IF field.is_mandatory %] + data-required="true" [% 'aria-required="true" required' UNLESS field_hidden %] + [% END %]> </span> [% IF value %] @@ -86,18 +94,25 @@ </script> [% CASE [ constants.FIELD_TYPE_SINGLE_SELECT constants.FIELD_TYPE_MULTI_SELECT ] %] + [%# The 'product' field needs its own template if classifications are enabled. %] + [% IF field.name == "product" AND Param('useclassification') %] + [% INCLUDE "global/product-select.html.tmpl" + id = "product", name = "product", value = value + products = override_legal_values %] + [% ELSE %] <input type="hidden" id="[% field.name FILTER html %]_dirty"> <select id="[% field.name FILTER html %]" name="[% field.name FILTER html %]" [% IF field.type == constants.FIELD_TYPE_MULTI_SELECT %] - [% SET field_size = 5 %] - [% IF field.legal_values.size < 5 %] - [% SET field_size = field.legal_values.size %] - [% END %] - size="[% field_size FILTER html %]" multiple="multiple" - [% ' aria-required="true" required' IF field.is_mandatory %] - [% END %] - > + [% SET field_size = 5 %] + [% IF field.legal_values.size < 5 %] + [% SET field_size = field.legal_values.size %] + [% END %] + size="[% field_size FILTER html %]" multiple="multiple" + [% IF field.is_mandatory %] + data-required="true" [% 'aria-required="true" required' UNLESS field_hidden %] + [% END %] + [% END %]> [% IF allow_dont_change %] <option value="[% dontchange FILTER html %]" [% ' selected="selected"' IF value == dontchange %]> @@ -135,22 +150,24 @@ [% IF field.type == constants.FIELD_TYPE_MULTI_SELECT %] <input type="hidden" name="defined_[% field.name FILTER html %]"> [% END %] + [% END %] - <script type="text/javascript"> + <script type="text/javascript"> <!-- initHidingOptionsForIE('[% field.name FILTER js %]'); [%+ INCLUDE "bug/field-events.js.tmpl" field = field, product = bug.product_obj %] //--> - </script> + </script> - [% CASE constants.FIELD_TYPE_TEXTAREA %] + [% CASE constants.FIELD_TYPE_TEXTAREA %] <div id="[% field.name FILTER html %]_edit_container" class="bz_default_hidden"> <div> (<a href="#" id="[% field.name FILTER html %]_edit_action">edit</a>) </div> [% IF value %] - <pre class="field_textarea_readonly">[% value FILTER html %]</pre> + <pre id="[% field.name FILTER html %]_readonly" + class="field_textarea_readonly">[% value FILTER html %]</pre> [% END %] </div> <div id="[% field.name FILTER html %]_input"> @@ -167,7 +184,7 @@ '', true); </script> - [% CASE constants.FIELD_TYPE_BUG_URLS %] + [% CASE constants.FIELD_TYPE_BUG_URLS %] [% IF bug.id && value.size %] <ul class="bug_urls"> [% FOREACH bug_url = value %] diff --git a/template/en/default/bug/summarize-time.html.tmpl b/template/en/default/bug/summarize-time.html.tmpl index 8bfe3c1c6..9613eebf1 100644 --- a/template/en/default/bug/summarize-time.html.tmpl +++ b/template/en/default/bug/summarize-time.html.tmpl @@ -267,6 +267,7 @@ <button type="button" class="calendar_button" id="button_calendar_start_date" onclick="showCalendar('start_date')"><span>Calendar</span> </button> + <div id="con_calendar_start_date"></div> <span class="label"> and <label accesskey="e" for="end_date"><u>e</u>nding</label>: </span> @@ -276,6 +277,7 @@ <button type="button" class="calendar_button" id="button_calendar_end_date" onclick="showCalendar('end_date')"><span>Calendar</span> </button> + <div id="con_calendar_end_date"></div> <br> <span class="bz_info">(Dates are optional, and in YYYY-MM-DD format)</span> </td> diff --git a/template/en/default/flag/list.html.tmpl b/template/en/default/flag/list.html.tmpl index 169cf8a51..778c3e142 100644 --- a/template/en/default/flag/list.html.tmpl +++ b/template/en/default/flag/list.html.tmpl @@ -121,8 +121,8 @@ class="flag_select flag_type-[% type.id %]" [% IF !can_edit_flag %] disabled="disabled"[% END %]> [%# Only display statuses the user is allowed to set. %] - [% IF edit_multiple_bugs %] - <option value="--do_not_change--">--do_not_change--</option> + [% IF edit_multiple_bugs && dontchange %] + <option value="[% dontchange FILTER html %]">[% dontchange FILTER html %]</option> [% END %] [% IF !flag || (can_edit_flag && user.can_request_flag(type)) || flag.setter_id == user.id %] <option value="X" label="X"></option> diff --git a/template/en/default/global/header.html.tmpl b/template/en/default/global/header.html.tmpl index f91c55626..3b8dc3a3b 100644 --- a/template/en/default/global/header.html.tmpl +++ b/template/en/default/global/header.html.tmpl @@ -32,6 +32,7 @@ header_addl_info = "" onload = "" style_urls = [] + javascript_urls = [] yui = [] generate_api_token = 0 %] diff --git a/template/en/default/global/textarea.html.tmpl b/template/en/default/global/textarea.html.tmpl index f3e23dd3f..313329579 100644 --- a/template/en/default/global/textarea.html.tmpl +++ b/template/en/default/global/textarea.html.tmpl @@ -27,6 +27,8 @@ # defaultcontent: (optional) Default content for the textarea. # mandatory: (optional) Boolean specifying whether or not the textarea # is mandatory. + # field_hidden: (optional) True if the field is hidden. Only useful if + # the field is mandatory. #%] <textarea [% IF name %]name="[% name FILTER html %]"[% END %] @@ -46,7 +48,7 @@ onFocus="this.rows=[% maxrows FILTER html %]" [% END %] [% IF mandatory %] - aria-required="true" required + data-required="true" [% 'aria-required="true" required' UNLESS field_hidden %] [% END %] [% IF onchange %] onchange="[% onchange FILTER html %]" diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl index df864790e..ada7e4fb8 100644 --- a/template/en/default/global/user-error.html.tmpl +++ b/template/en/default/global/user-error.html.tmpl @@ -94,7 +94,7 @@ [% ELSIF error == "alias_too_long" %] [% title = "Alias Too Long" %] - [% terms.Bug %] aliases cannot be longer than 20 characters. + [% terms.Bug %] aliases cannot be longer than 40 characters. Please choose a shorter alias. [% ELSIF error == "api_key_not_valid" %] diff --git a/template/en/default/list/list.html.tmpl b/template/en/default/list/list.html.tmpl index 65065bf32..368cd9c08 100644 --- a/template/en/default/list/list.html.tmpl +++ b/template/en/default/list/list.html.tmpl @@ -237,7 +237,7 @@ ><img title="iCal Format" alt="iCal" src="images/ical.png" height="24" width="24"></a> <button type="button" id="change_columns" onclick="document.location='colchange.cgi?[% urlquerypart FILTER html %]&query_based_on= - [%~ defaultsavename OR searchname FILTER uri %]'"> + [%~ defaultsavename OR searchname FILTER uri FILTER js %]'"> Change Columns</button> @@ -261,7 +261,7 @@ [% END %] <div class="bz_query_edit"> <button type="button" id="edit_search" - onclick="document.location='[% PROCESS edit_search_url %]'"> + onclick="document.location='[% PROCESS edit_search_url FILTER js %]'"> Edit Search</button> </div> @@ -269,7 +269,7 @@ <div class="bz_query_forget"> <button type="button" id="forget_search" onclick="document.location='buglist.cgi?cmdtype=dorem&remaction=forget&namedcmd= - [%- searchname FILTER uri %]&token= + [%- searchname FILTER uri FILTER js %]&token= [%- issue_hash_token([search_id, searchname]) FILTER uri %]'"> Forget Search '[% searchname FILTER html %]'</button> </div> diff --git a/template/en/default/pages/release-notes.html.tmpl b/template/en/default/pages/release-notes.html.tmpl index d4bf1c596..e5ccf4d5a 100644 --- a/template/en/default/pages/release-notes.html.tmpl +++ b/template/en/default/pages/release-notes.html.tmpl @@ -41,6 +41,49 @@ your version and this one, <strong>particularly the Upgrading section of each version's release notes</strong>.</p> +<h2 id="point">Updates in this 5.0.x Release</h2> + +<h3>5.0.1</h3> + +<p>This release fixes one security issue. See the + <a href="https://www.bugzilla.org/security/4.2.14/">Security Advisory</a> + for details.</p> + +<p>This release also contains the following [% terms.bug %] fixes:</p> + +<ul> + <li>Users whose login name is not an email address could not log in on + installations which use LDAP to authenticate users. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1179160">[% terms.Bug %] 1179160</a>)</li> + <li>If a mandatory custom field was hidden, it was not possible to create + a new [% terms.bug %] or to edit existing ones. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1183398">[% terms.Bug %] 1183398</a> + and <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1196969">[% terms.bug %] 1196969</a>)</li> + <li>A user editing his login name to point to a non-existent email address + could cause Bugzilla to stop working, causing a denial of service. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1194987">[% terms.Bug %] 1194987</a>)</li> + <li>Emails generated during a transaction made PostgreSQL stop working. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1186700">[% terms.Bug %] 1186700</a>)</li> + <li>[% terms.Bugs %] containing a comment with a reference to a [% terms.bug %] + ID larger than 2^31 could not be displayed anymore using PostgreSQL. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1191937">[% terms.Bug %] 1191937</a>)</li> + <li>Emails sent by [% terms.Bugzilla %] are now correctly encoded as UTF-8. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=714724">[% terms.Bug %] 714724</a>)</li> + <li>The date picker in the "Time Summary" page was broken. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1181649">[% terms.Bug %] 1181649</a>)</li> + <li>If <kbd>Test::Taint</kbd> or any other Perl module required to use the + JSON-RPC API was not installed or was too old, the UI to tag comments was + displayed anyway, you could tag comments, but tags were not persistent + (they were lost on page reload). Now the UI to tag comments is not displayed + at all until the missing Perl modules are installed and up-to-date. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1183227">[% terms.Bug %] 1183227</a>)</li> + <li>Custom fields of type <kbd>INTEGER</kbd> now accept negative integers. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1198659">[% terms.Bug %] 1198659</a>)</li> + <li>On Windows, the <kbd>checksetup.pl</kbd> installation script no longer + asks for a SMTP server. It can be set after the installation is complete. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1191255">[% terms.Bug %] 1191255</a>)</li> +</ul> + <h2 id="req">Minimum Requirements</h2> <p>Any requirements that are new since 4.4 will look like @@ -333,7 +376,7 @@ <li>Bugzilla code now uses <kbd>use parent</kbd> instead of <kbd>use base</kbd> in all places applicable.</li> <li>A new hook called <kbd>cgi_headers</kbd> has been added to allow - customization of the HTTP headers returned.</kbd> + customization of the HTTP headers returned.</li> <li>A new hook called <kbd>user_check_account_creation</kbd> has been added to add extra checks before accepting the creation of a new user account.</li> </ul> diff --git a/userprefs.cgi b/userprefs.cgi index 870a63f82..10c62657b 100755 --- a/userprefs.cgi +++ b/userprefs.cgi @@ -120,8 +120,7 @@ sub SaveAccount { ThrowUserError('restricted_email_address', {addr => $new_login_name}) if $new_login_name =~ m/[^\@]+\@gentoo\.org$/ or $user->login =~ m/[^\@]+\@gentoo\.org$/; } - Bugzilla::Token::IssueEmailChangeToken($user, $new_login_name); - + $vars->{'email_token'} = Bugzilla::Token::IssueEmailChangeToken($new_login_name); $vars->{'email_changes_saved'} = 1; } } |